“The Tories Have Accidentally Revealed The Personal Mobile Numbers Of Hundreds Of MPs And Journalists On Their Conference App”

These are the people charged with our Brexit it negotiations and keeping the UK safe!!!

“The Conservative party has accidentally allowed the personal mobile phone numbers of hundreds of MPs, journalists, and party members to be revealed to the public on its conference app.

A security flaw allowed anyone who downloaded the app to log in as any attendee to the party conference, which begins in Birmingham tomorrow, using only their email address. No password was required to view any attendee’s personal details, including their mobile phone number.

BuzzFeed News was able to access the personal mobile phone numbers of cabinet ministers, MPs, journalists, and Tory party members within seconds.

Users of the app are also able to change the privacy settings of other attendees using only their email address, allowing anyone else using the app to search their name and then view their mobile number.

An MP who had their personal phone number tweeted out told BuzzFeed News: “CCHQ genuinely can’t be trusted to do anything. This is a serious security breach and no laughing matter. Whoever is responsible needs to go.”

Labour MP Jon Trickett said: “How can we trust this Tory Government with our country’s security when they can’t even build a conference app that keeps the data of their members, MPs and others attending safe and secure?”

Journalist Dawn Foster reported being able to log in as Boris Johnson and then view his personal mobile number.”

One thought on ““The Tories Have Accidentally Revealed The Personal Mobile Numbers Of Hundreds Of MPs And Journalists On Their Conference App””

This is not exactly an accident – it can only be described as gross negligence.

As an IT professional I know full well that IT systems should be tested properly for security vulnerabilities, especially those holding personal data, in order to avoid hackers being able to pick the locks or blow-up the safe and get hold of the data.

But in this instance, it appears that there was not actually any security on the system at all. You provided your email address and didn’t need a password. That is NOT an accident – that is gross negligence, a failure to implement even the most basic of security measures.